Medtronic Confirms Breach After Hackers Claim 9 Million Records #cybersecurity #databreach

Medtronic, one of the world's largest medical device companies, confirmed last week that hackers accessed data in its corporate IT systems. The extortion group ShinyHunters claims 9 million records. Medtronic disclosed the breach in late April 2026, saying patient safety, medical devices, and manufacturing were not affected — corporate IT runs on a separate network. ShinyHunters, an extortion group that has listed Medtronic among roughly 40 organizations targeted since January 2026, claims to have exfiltrated 9 million records of personal data and 4 terabytes of internal files. Medtronic has since been removed from ShinyHunters' leak site. The broader ShinyHunters campaign has centered on exploiting misconfigured Salesforce Experience Cloud guest user permissions — Salesforce says this is a customer configuration issue, not a platform vulnerability, though the scale of affected organizations raises questions about default settings and platform responsibility. Sources: https://www.bleepingcomputer.com/news/security/medtronic-confirms-breach-after-hackers-claim-9-million-records-theft/ https://www.massdevice.com/medtronic-discloses-it-system-breach/ https://www.techradar.com/pro/security/shinyhunters-exposes-data-on-mytheresa-zara-carnival-7-eleven-over-40-organizations-tied-up-in-new-data-trove-which-will-stay-up-indefinitely More on cybersecurity, privacy, scams, and homelab on Hake Hardware. New shorts every weekday.